- name: install unbound package
  yum: pkg={{ item }} state=present
  with_items:
  - unbound
  - policycoreutils-python

- name: install unbound config
  copy: src=unbound.conf dest=/etc/unbound/unbound.conf mode=644
  notify:
  - restart unbound

- name: setup SELinux dns 80
  command: touch /root/dns80 creates=/root/dns80
  notify:
  - semanage dns80

- name: setup SELinux dns 443
  command: touch /root/dns443 creates=/root/dns443
  notify:
  - semanage dns443

- name: setup SELinux dns 8953
  command: touch /root/dns8953 creates=/root/dns8953
  notify:
  - semanage dns8953

- name: copying unbound control key
  copy: src="{{ private }}/files/unbound/unbound_control.key" dest=/etc/unbound/unbound_control.key owner=root group=unbound mode=640

- name: copying unbound control pem
  copy: src="{{ private }}/files/unbound/unbound_control.pem" dest=/etc/unbound/unbound_control.pem owner=root group=unbound mode=640

- name: copying unbound server key
  copy: src="{{ private }}/files/unbound/unbound_server.key" dest=/etc/unbound/unbound_server.key owner=root group=unbound mode=640

- name: copying unbound server pem
  copy: src="{{ private }}/files/unbound/unbound_server.pem" dest=/etc/unbound/unbound_server.pem owner=root group=unbound mode=640

- name: Enable and start unbound service
  service: state=running enabled=true name=unbound
  tags:
  - service
  - config
